Oracle E-Business Suite Workflow Vulnerability in Admin Screens and Grants UI Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability exists in the Oracle Workflow component of Oracle E-Business Suite, specifically within the Admin Screens and Grants UI. This issue affects versions 12.2.3 through 12.2.14. The vulnerability is easily exploitable, allowing a low-privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful exploitation could lead to unauthorized read access to certain Oracle Workflow data, as well as unauthorized updates, inserts, or deletions of other accessible data.

Impact

Exploitation of this vulnerability could result in unauthorized access to read, update, insert, or delete certain Oracle Workflow data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle E-Business Suite Workflow Vulnerability in Admin Screens and Grants UI Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Affected Products

Oracle Workflow

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating